## Cryptology ePrint Archive: Report 2019/796

The End of Logic Locking? A Critical View on the Security of Logic Locking

Susanne Engels and Max Hoffmann and Christof Paar

Abstract: With continuously shrinking feature sizes of integrated circuits, the vast majority of semiconductor companies have become fabless, i.e., chip manufacturing has been outsourced to foundries across the globe. However, by outsourcing critical stages of IC fabrication, the design house puts trust in entities which may have malicious intents. This exposes the design industry to a number of threats, including piracy via unauthorized overproduction and subsequent reselling on the black market. One alleged solution for this problem is logic locking, also known as logic encryption, where the genuine functionality of a chip is "locked" using a key only known to the designer. If a correct key is provided, the design works as intended but with an incorrect key, the circuit produces faulty outputs. As the keys are inserted by the designer after production, an adversarial foundry should not be able to unlock overproduced chips.

In this work, we highlight major shortcomings of proposed logic locking schemes. They are primarily due to the absence of a well-defined and realistic attacker model in the current literature. To this end, we characterize physical capabilities of a malicious foundry, especially with respect to invasive attacks. This allows us to derive an attacker model that matches reality, yielding attacks against the foundations of locking schemes beyond the usually employed SAT-based attacks. Our analysis shows that no previously proposed logic locking scheme is able to achieve the intended protection goals against piracy in real-world scenarios. As an important conclusion, we argue that there are strong indications that logic locking will most likely never be secure against a determined malicious foundry.

Category / Keywords: foundations / Logic Locking, Logic Encryption